Yet again we are reminded that the mild conveniences of the smart home are all well and good, right up until someone decides to turn one of those

IntroductionThe iOS 11 mptcp bug (CVE-2018-4241) discovered by Ian Beer is a serious kernel vulnerability which involves a buffer overflow in mptcp_usr_connectx that allows attackers to execute arbitr

Five different backdoors were found in Cisco's software this year, and Cisco's history with backdoors goes back many years.

Armis, the cyber-security firm that discovered the BlueBorne vulnerabilities in the Bluetooth protocol, warns that nearly half a billion of today's "smart" devices are vulnerable to a decade-old attack known as DNS rebinding.

With Gmail’s new design rolled out to more and more users, many have had a chance to try out its new “Confidential Mode.” While many of its features sound promising, what “Confidential Mode” provides

Intro - Testing Google Sites and Google Caja In March 2018, I reported an XSS in Google Caja, a tool to securely embed arbitrary html/javascript in a webpage. In May 2018, after the XSS was fixed, I r

In the previous post in this series, I introduced the use case of an attacker persisting via a LaunchAgent/Daemon, and a few osquery…

The injected malware uses EXIF format to hide the code and the compromised images are available on Google+ and GoogleUserContent sites.

Guest Post: ARTEMIS is a new defence system for network operators that can reduce BGP hijack detection and mitigation times from hours/days to a few seconds or minutes.

#NoFilter